﻿using System;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Cryptography.X509Certificates;

namespace Ipmce.RemoteVoting.Backend.VotingService
{
	public class CertificateValidator : X509CertificateValidator
	{
		private readonly string _caName;

		public CertificateValidator(string caName)
		{
			_caName = caName;
		}

		public override void Validate(X509Certificate2 certificate)
		{
			if (certificate == null)
			{
				throw new ArgumentNullException("certificate");
			}

			if (certificate.IssuerName.Name != "CN="+_caName)
			{
				throw new SecurityTokenValidationException
				  ("Certificate was not issued by a trusted issuer");
			}
		}
	}
}